IDS mailing list archives
Re: Best Host IDS Tools
From: Frank Knobbe <fknobbe () knobbeits com>
Date: 25 Dec 2002 00:22:51 -0600
On Mon, 2002-12-23 at 22:37, frank wrote:
I have just setup my Web server on solaris platform and is planning to deploy a freeware IDS. Now I am evaluating the below IDS tools :- AIDE Snort Tripwire Chkrootkit and would like to have the comments from everyone on which is the best IDS tools ?
Frank, no offense, but I don't think you will get an answer to that question. It's like asking "which is the best car". There is none, and there are all. It depends what you want to achieve.
Or what is the best combination so that I can mix them together to form a more complete IDS enabled environment.
Actually, you already listed a good combination. You are aware that the software you listed all perform different tasks, right?
Or is there any other better free IDS tools available ?
There are certainly other free IDS tools out there, not necessarily better or worse. Check out Samhain as an alternative to Tripwire or Prelude as an alternative to Snort. Which one is 'better' is an opinion you will have to make for yourself. I suggest you install each software and evaluate it for yourself. You should use the software that you feel more comfortable with, that you can administer easier, and/or that fits better into your infrastructure. You don't have to use what Joe prefers. Merry Christmas! Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Best Host IDS Tools frank (Dec 24)
- Re: Best Host IDS Tools Bryan Strong (Dec 27)
- RE: Best Host IDS Tools Rob Shein (Dec 27)
- Re: Best Host IDS Tools Frank Knobbe (Dec 27)
- Re: Best Host IDS Tools Jerry (Dec 27)
- Re: Best Host IDS Tools Frank Cheong (Dec 27)